[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: LDAP/Kerberos user management

To: John Green <green@blueheronbio.com>
Subject: Re: LDAP/Kerberos user management
From: Al Lilianstrom <al.lilianstrom@fnal.gov>
Date: Fri, 23 Aug 2002 06:47:15 -0500
Cc: "Openldap-Software (E-mail)" <openldap-software@OpenLDAP.org>
References: <000601c249f6$5cf667f0$0a00000a@blueheronbio.com>

We did something like this. A Oracle application drives a couple of
scripts when a new user is added to a particular database. One script
issues kadmin scripts to add the user to the MIT KDC. The second script
uses the OpenLDAP tools ldapsearch and ldapmodify to add the same user
to Active Directory. Kerberos is used for authentication all around so
there are no passwords going over the network at any time.

	al

John Green wrote:
> 
> Hi, I am trying to find a method for a principal automatically being created
> in a Kerberos database while at the same time adding a corresponding entry
> to an LDAP database.  Has anyone heard of or is anyone using something like
> this?  I have found some utilities for sale on the web (some might even
> work), just looking for alternatives.  I am trying to automate the creation
> of username/password/ldap_entry/Kerberos_principal/customer_web_site, which
> the customer will be able to accomplish without IT intervention from a
> common web site.
> 
> Thanks for any help or advice  --  John

-- 

Al Lilianstrom
CD/OSS/CSI
Al.Lilianstrom@fnal.gov

Follow-Ups:
- RE: LDAP/Kerberos user management
  - From: "John Green" <green@blueheronbio.com>

References:
- LDAP/Kerberos user management
  - From: "John Green" <green@blueheronbio.com>

Prev by Date: Re: number of entries
Next by Date: sasl / slapd problem
Index(es):
- Chronological
- Thread